Yesterday, independent newsroom ProPublica published a detailed piece examining the popular WhatsApp messaging platform’s privacy claims. The service famously offers “end-to-end encryption,” which most users interpret as meaning that Facebook, WhatsApp’s owner since 2014, can neither read messages itself nor forward them to law enforcement.
This claim is contradicted by the simple fact that Facebook employs about 1,000 WhatsApp moderators whose entire job is—you guessed it—reviewing WhatsApp messages that have been flagged as “improper.”
End-to-end encryption—but what’s an “end”?
The loophole in WhatsApp’s end-to-end encryption is simple: the recipient of any WhatsApp message can flag it. Once flagged, the message is copied on the recipient’s device and sent as a separate message to Facebook for review.